CVE-2007-1001

medium

Description

Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values.
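As an added illustration of the overflow class named in the description (not code from libgd's wbmp.c or from the PHP fix): a minimal type-0 WBMP header parser, with the pixel-buffer size computed once the unchecked way and once with the division check and size cap that a hardened createwbmp/readwbmp would apply before allocating. The function names, the WBMP_MAX_BYTES cap and the sample header bytes are assumptions constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>

/* WBMP multi-byte int: 7 data bits per byte, high bit = more bytes; 0 if truncated/too big. */
static int wbmp_read_mbi(const uint8_t *buf, size_t len, size_t *pos, uint32_t *out)
{
    uint32_t v = 0;
    while (*pos < len) {
        uint8_t b = buf[(*pos)++];
        if (v > (UINT32_MAX >> 7)) return 0;         /* next shift would wrap */
        v = (v << 7) | (b & 0x7f);
        if (!(b & 0x80)) { *out = v; return 1; }
    }
    return 0;
}

/* Type-0 WBMP header: type (mbi, must be 0), fixheader byte (0), width, height. */
int wbmp_parse_header(const uint8_t *buf, size_t len, uint32_t *w, uint32_t *h)
{
    size_t pos = 0; uint32_t type;
    if (!wbmp_read_mbi(buf, len, &pos, &type) || type != 0) return 0;
    if (pos >= len || buf[pos++] != 0) return 0;
    return wbmp_read_mbi(buf, len, &pos, w) && wbmp_read_mbi(buf, len, &pos, h);
}

/* Unsafe pattern: width * height * sizeof(pixel), unchecked. Large dimensions wrap
 * to a small count, so the pixel buffer is under-allocated and later overrun. */
uint32_t wbmp_pixel_bytes_unchecked(uint32_t width, uint32_t height)
{
    return width * height * (uint32_t)sizeof(int);
}

#define WBMP_MAX_BYTES (64u << 20)   /* constructed policy cap: 64 MiB of pixels */
/* Safe pattern: test with division so the product cannot wrap, then enforce the cap. */
int wbmp_pixel_bytes_checked(uint32_t width, uint32_t height, size_t *bytes)
{
    if (width == 0 || height == 0 || width > SIZE_MAX / height) return 0;
    size_t pixels = (size_t)width * height;
    if (pixels > WBMP_MAX_BYTES / sizeof(int)) return 0;
    *bytes = pixels * sizeof(int);
    return 1;
}

/* Constructed header: type 0, fixheader 0, width 65536, height 65537. */
const uint8_t wbmp_sample_header[] = {0x00, 0x00, 0x84, 0x80, 0x00, 0x84, 0x80, 0x01};
```

Fed the sample header, wbmp_pixel_bytes_unchecked reports 262144 bytes for what is really a 65536 x 65537 image, while wbmp_pixel_bytes_checked rejects it.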

References

http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?r1=1.2.4.1&r2=1.2.4.1.8.1

http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?revision=1.2.4.1.8.1&view=markup

http://docs.info.apple.com/article.html?artnum=306172

http://ifsec.blogspot.com/2007/04/php-521-wbmp-file-handling-integer.html

http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html

http://rhn.redhat.com/errata/RHSA-2007-0155.html

http://secunia.com/advisories/24814

http://secunia.com/advisories/24909

http://secunia.com/advisories/24924

http://secunia.com/advisories/24945

http://secunia.com/advisories/24965

http://secunia.com/advisories/25056

http://secunia.com/advisories/25151

http://secunia.com/advisories/25445

http://secunia.com/advisories/26235

http://security.gentoo.org/glsa/glsa-200705-19.xml

https://exchange.xforce.ibmcloud.com/vulnerabilities/33453

https://issues.rpath.com/browse/RPL-1268

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10179

http://us2.php.net/releases/4_4_7.php

http://us2.php.net/releases/5_2_2.php

http://www.mandriva.com/security/advisories?name=MDKSA-2007:087

http://www.mandriva.com/security/advisories?name=MDKSA-2007:088

http://www.mandriva.com/security/advisories?name=MDKSA-2007:089

http://www.mandriva.com/security/advisories?name=MDKSA-2007:090

http://www.novell.com/linux/security/advisories/2007_32_php.html

http://www.redhat.com/support/errata/RHSA-2007-0153.html

http://www.redhat.com/support/errata/RHSA-2007-0162.html

http://www.vupen.com/english/advisories/2007/1269

http://www.vupen.com/english/advisories/2007/2732

Details

Source: Mitre, NVD

Published: 2007-04-06

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium